How can we help?

Are you Developing an RFP and Need (or think you need) Single Sign-on? Read This First

We’ve implemented various degrees of single sign-on between content management systems and association management systems. Often when we receive a Request for Bid for an association website, clients tell us they want Single Sign-On (SSO) capabilities. Seems straight-forward, right? Not so fast.

A lot of times we don’t know going in if an association just needs the ‘light’ version or the ‘full-calorie’ version of Single Sign-On, because RFPs don’t always include the details we need to make that determination. The time for development can range from just a few hours for a light version, to well over 100 hours for a full-calorie version, which is why nailing down the difference between the two early on can save both your developer’s timeline and your deadline and budget.

As a starting point, consider this: with lite single sign-on you get to see. At full calorie, you get to do.

Here’s what I mean…

Single Sign-On (Lite). Let’s say you have a scenario where you would like members to login to the website, which then automatically logs them into your Association Management System (AMS). With that, members can now access your AMS as well as see any protected content within your website. That’s the light version, and means a relatively inexpensive SSO. Piece of (lowfat) cake.

Single Sign-On (Full Calorie). In this scenario, you want members to perform advanced functions on the website, such as event registration, eCommerce, dues payments and more. You’d also like to add some convenience features for your members. For example, when the member logs in and registers for an event, you’d like their contact information (address, etc.) to auto-populate the registration form. When they complete whatever they are doing, that data will then be pushed back to your AMS. This is a full calorie version of Single Sign-On. Certainly do-able, but requires much more time in planning and development, which means more cost.

Like snowflakes, no two SSOs are alike. So it’s important to truly know what you need and why you need it, because you may end up be being quoted or billed for the full-calorie SSO, when all you need is the lo-cal version, or vice versa.

In our next post, we’ll talk about 5 critical things you should do for your website for January, 2015.

Related Posts

i2Integration Creates Single Sign-on Capability Between DNN and Avectra netFORUM

Single sign-on for three independent but associated websites means a seamless member database and improved interactivity for users, thanks to i2Integration.

Administrators and members of the American Association for Women Radiologists (www.aawr.org), the Society of Computed Body Tomography & Magnetic Resonance (http://www.scbtmr.org/) and the North American Society for Cardiovascular Imaging (http://www.nasci.org/) now enjoy a single sign on between Avectra and DNN.

The new capability allows members to log in to DNN, which then automatically logs them into Avectra’s NetFORUM. Upon login, member profile data is pulled from Avectra to populate the DNN user account with Avectra’s data. Roles are automatically assigned in DNN based on the member profile in Avectra. Instant benefit to members: one central login and one account to manage.

“Avectra netFORUM is a great platform for association management," said John Forsberg, i2Integration CEO. "Pulling that together with the open source DNN CMS gives our clients a powerful solution, directly tying the website to the membership database and online member interactivity."

How we did it:
i2Integration created a DNN login module that was placed on the three websites, which allows users to enter their credentials, click a button and attempt a login to the site.

Upon entering a username and password and clicking the Submit button, the module attempts to verify that the credentials are valid using the netFORUM API’s “Authenticate” method. This method returns a SingleSignOn Token if the credentials that are passed are valid.

If the Authenticate method does not return a valid token, the DNN module attempts to log the user into the DNN site with local credentials. If the DNN authentication succeeds, but the netFORUM authentication fails, an error is presented to the user that informs them that their user information is out of date, and that they need to contact the website owner for further assistance.

If neither authentication succeeds, the user is presented with a message stating that the entered user information is invalid.

If the netFORUM authentication succeeds, but no matching username exists in DNN, a call is made to the netFORUM API “CheckEWebUser” method, passing in the username, password and authentication token. This method returns the basic user information needed to create a copy of the user in DNN. Once the user is created in DNN, the standard DNN authentication is performed, and the user is logged into DNN. The user is also added to a “Members” role based on a flag returned by the netFORUM API “GetIndividialByKey” method. If the individual has a value of 1 in this field, they are considered to be in the “Members” role; otherwise, they are considered a “Visitor" and only have the role of “Registered Users” in DNN.

If the netFORUM authentication succeeds, and a matching username exists in DNN, a call is made to the netFORUM API “CheckEWebUser” method, passing in the username, password and authentication token. This method returns the basic user information needed to update the user in DNN. Once the user's account is updated in DNN, the standard DNN authentication is performed and the user will be logged into DNN.

The login is maintained using a cookie, so if the user travels to another website and then returns back to the DNN site, they are still logged in as long as the cookie is not expired.

The three websites require a user’s session when moving from the DNN website to the netFORUMs site. Currently, netFORUMS only has one option for this, called the “SSOToken,” which must be passed in as a querystring variable for every link. DNN does not have an easy way to append this token to variable links. JavaScript was added to the three sites to recognize any links of https://netforum.avectra.com/eWeb/DynamicPage.aspx and appends the needed site name and users' SSO Token, allowing them access to the Avectra netFORUM site. The user is notified via a pop-up that they need to log in before they have access to these pages.

It’s time to go “Mobile First”

According to industry reports, 60 percent of total digital media time spent from 2013 to 2014 was done from a mobile device. And that’s only going to increase. To effectively reach this audience, it’s time to start thinking about moving your website away from a Desktop First approach, and over to a Mobile First approach.

Traditionally, a website was built with its priority toward displaying on a desktop computer, where it could then be scaled down for use on a mobile device. That’s called “graceful degradation.”

That’s worked just fine for several years, but with that 60 percent number climbin, that method isn’t going to cut it anymore.

With your audience primarily using mobile, you should be designing for Mobile First. With this method, your site is designed for mobile use primarily, then can be scaled upward to the desktop. That’s called “progressive enhancement.”

We’re starting to see our clients and their needs going more toward this Mobile First philosophy, and that changes everything: how you look at navigation, how you look at prioritizing the content structure and the overall graphic design of the site.

Navigation, in the traditional Desktop First version, has tons of options: think pull-downs, subpages and deep, deep navigation menus. You can’t do that with Mobile First; what you need are fewer options that get people where they’re going in as few touches as possible. This can be done by creating more landing pages, for example, but the navigation menu itself should have very few choices.

Graphic design, if you are going Mobile First, means getting rid of the extraneous: flashy graphics and fluffy content have no place -- it will be ignored or even worse, drive users away. You have limited bandwidth and limited screen real estate to work with. Mobile First is all about action and content: content that is short and concise, and action that should be easy to get to and prominent (think register, sign up and purchase here).

It sounds easy to say Mobile First, but it truly is a complete mindshift. In some ways, it’s almost a throwback to the days when we first started (21 years ago) and the web was young. Back then you had very little bandwidth and small monitors that affected how you designed a website. Same thing today when it comes to mobile. The only difference now is that we can do far cooler stuff within the same limitations than we ever thought possible back then.

Maybe a better of way of saying it is it’s Back to the Future for all of us.

Mobile Design: Don’t Sign the Contract Until You Read This

Your association’s most recent member survey has resulted in a mandate: your website has to become mobile friendly. Now, don’t make that face; going mobile is the best thing an organization can do for its members these days.

Here are some things to consider when looking to go mobile:

Are you using a Content Management System (CMS)? If you are, and it’s something like Drupal, WordPress or DNN, say, then you are looking at potentially just creating a new theme that is mobile-friendly. All your content is there, you’re just having us create a new front end. Doing it that way could save some cost, both on our end and yours.

If your site isn’t in a CMS or something proprietary, you might run into issues. There are systems out there that combine a CMS with the association management system, and with some of those, you might be locked into a design that is not mobile-friendly. Bottom line: the technology your site is currently using is extremely important in determining whether a re-design for mobile is possible.

Your content: Is it clean? This has to do with the time it will take to make your site mobile friendly, and ultimately, the cost. And what clean means is if your site uses lots of tables and lots of “in-line code,” meaning forced font sizes and styles, all of that is going to need to be “cleaned” for mobile devices. What was fancy and appealing when your website was initially designed for displaying on a desktop is just plain messy for mobile use. And if there’s a lot this messily formatted content, you’re talking some additional time and expense in getting the content prepped for mobile.

Navigation: How complex/deep is your site now, and how complex/ deep does it need to be for mobile? With menus on mobile devices, you’ve typically got a scrolling list view of pages. If your site is four levels deep, it can make navigating a real problem on a mobile device. The more levels, the tougher it is for users to navigate. And with every extra click a user has to make to get somewhere on your site, the likelier it will be that they will give up. “Flattening” the navigation (less layers) and consolidating pages will help make navigation easier and more efficient on a mobile device.

Landing pages: With mobile, it’s all about consolidated content, creating landing pages that serve as launching pads to common content (pages that get the most traffic), so you’re not forcing your users to hunt for it.

The days of flashy websites are, for better or worse, coming to an end as more and more people use mobile devices for everything they do online. A simplified look and optimized content presentation is key. With mobile devices, you only have so much screen real estate and often, limited bandwidth; anything that is not needed by your users should be eliminated.

In our next post, we’ll clear up the mysteries of single sign-on.

Draw.io: 7 reasons this app rocks for business

The web developers at i2 never stop impressing me with what they know about the best available technology, which they know not only because it's their job to know, but because they think knowing this stuff is just plain fun."

Recently, I needed to create a flowchart while working away from the office. I had my laptop and I had Internet access, but that particular laptop did not have Microsoft’s Visio flowcharting software installed.

Instead of downloading Visio, which would have taken forever given the living-in-the-woods speed with which I have become accustomed, Sean (i2's director of development) pointed me to a cloud-based flowchart and diagram application called Draw.io (www.draw.io).

Five whole minutes later, having already created my first simple chart, I said aloud: “Damn! THIS is how cloud-based apps should work!”

Here’s why:

1. It’s entirely browser-based. No software to install.

2. No login or registration required. Go to www.draw.io and just go to work. How refreshing – not having to give my email to yet another company.

3. Incredibly easy to use. Drag-and-drop, fast and intuitive.

4. Powerful flowcharting capabilities with tons of objects to use (and you can even create your own).

And it’s free, which is great. But what also truly impressed me was how Draw.io looks and functions like a traditional desktop software app. You would be hard-pressed to spot the difference.

If you need to knock out a quick chart or even something more complex, I recommend give Draw.io a look.

You were right again, Sean; that was fun.

I Know What I Did This Summer

Pardon my blog blackout; It's been one crazy summer.

In the space of six weeks, i2Integration doubled in size – we're talking staff and revenue. In a three-week period we hired three new rockstar developers, not an easy task when finding a single stellar developer is a once-a-year event at most. We also implemented a new project management system called Jira; and built Agile development into our production process.

How did we double in size? It was kind of the perfect storm. We landed some nationally known new accounts, and some existing projects that had been slowly ramping up over months (and in one case, over a year) were suddenly ready to rock and roll. And a couple clients, who originally contracted with other firms, called us in to rescue their projects. Big fun.

A bit about Jira and Agile: Jira manages everything from code to project and issue tracking. It's become the preferred system for the state of Michigan, and it's also excellent for managing Agile development projects. A year ago one of our clients turned us onto Jira, which just goes to show how much our clients can teach us.

Agile is a development methodology where you work in what are called sprints. Here's a link to an article where we talked a bit about it. Agile has been great for us. It's streamlined production and allows us to focus on a particular project and client in short, dedicated bursts and to schedule work better.

The summer's flurry of activity wasn't without its difficulties, and believe me, everyone in our office felt the bumps. But we made it through. This has forced us, in a good way, to become smarter in our development process and allowed us to turn around work much faster than we had been able to in the past. We're expecting even more growth, and now we have the people and the infrastructure to meet that demand.

The great thing is that because of Jira and Agile, our new staff were able to hit the ground running within their first week, something that would not have happened before this summer's streamlining process.

In 1999, i2Integration was essentially a one-man company when I landed Sparrow Health System. I knew at that moment that everything had just changed. This summer, I have had that feeling again. We have all the pieces in place – the methodologies, the systems and the staff – to turn around more consistent work, faster. For those who felt the bumps yet trusted this process and stuck with us, welcome to a new era.

When we talk about building stable software, it doesn’t get any better than this

This is amazing. When we talk about building stable software, it doesn’t get any better than this.

In Gdansk, Poland there is an auto repair shop that is still running a Commodore 64 computer for its operations.

This C64C used by a small auto repair shop for balancing driveshafts has been working non-stop for over 25 years! And despite surviving a flood it is still going...

Seeing this both makes me smile, and painfully aware of every grey hair that remains in my head.

Back in 1983, I learned basic programming on the C64. After school, I would go to my family-run advertising agency and write code for a sales lead program we developed (CRM wasn’t a thing yet), and then go home to play Zaxxon or appease my older brother by developing a program that could predict the next Lotto numbers (it couldn’t). The Commodore 64 holds a special place in my heart and was truly the foundation of my eventual career. In fact, a Commodore 64 sits in my company’s lobby today. It still works after all these years!

Comments are closed.

Newsletter Sign-Up

This isn't your grandpa's newsletter. You won't find fluff. Or news about who won the golf tournament. No, in our newsletter you'll find meaty information that will help you run your business better. Click here to sign up.